Aj@x
Zerinho
Registrado
535 Mensagens
54 Curtidas
Robson, geralmente esses dois programas não são para manutenção preventiva, e sim corretiva.
Apesar de popularizados, requerem conhecimento do participante do fórum, o que em muitas vezes não acontece.
No seu caso, talvez um scan online da F-Secure ou o MalwareBytes pudesse resolver.
Tem o fórum da Linha Defensiva que é mais adequado.
Mas por comodidade, pode também esperar as dicas aqui do Wing, que realmente sabe.
Boa sorte, e espero que seu Pc esteja limpo.
Robson ls
Membro Senior
Registrado
236 Mensagens
13 Curtidas
Robson, geralmente esses dois programas não são para manutenção preventiva, e sim corretiva.
Apesar de popularizados, requerem conhecimento do participante do fórum, o que em muitas vezes não acontece.
No seu caso, talvez um scan online da F-Secure ou o MalwareBytes pudesse resolver.
Tem o fórum da Linha Defensiva que é mais adequado.
Mas por comodidade, pode também esperar as dicas aqui do Wing, que realmente sabe.
Boa sorte, e espero que seu Pc esteja limpo.
Obrigado pela resposta.
Eu já fiz uma verificação com o Malwarebytes. Vou fazer uma verificação com o F-secure agora.
Klash
Highlander
Registrado
9.2K Mensagens
762 Curtidas
Robson ls
Membro Senior
Registrado
236 Mensagens
13 Curtidas
Olá Robson ls
Você quer saber como usar Combo Fix ou Banker Fix? Ou já fez o scan?
Caso já fez o scan, poste o log para que seja analisado.
Pelo que eu vi você fez o scan com o MalwareBytes, então poste o log dele aqui também.
Problemas com vírus? Saiba como criar um tópico para análise.
Abraços
Obrigado amigo.
Eu também preciso de ajuda para usar o Combo Fix, por isso ainda não fiz um scan. Se puder me orientar, muito obrigado.
Quanto ao malwarebytes, o scan não encontrou nenhum arquivo malicioso, por isso não postei o log. Mas, se mesmo assim for necessário, eu posto.
Klash
Highlander
Registrado
9.2K Mensagens
762 Curtidas
Robson ls
Membro Senior
Registrado
236 Mensagens
13 Curtidas
Olá, obrigado pela gentileza e desculpe pela demora em responder. Aqui vai o log:
ComboFix 12-09-26.06 - Robson 26/09/2012 23:07:11.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.4086.2508 [GMT -3:00]
Executando de: c:\users\Robson\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\MessengerPlus
c:\users\Win!!!\AppData\Local\Microsoft\Windows\Temporary Internet Files\{AF3B5F0E-CA85-4774-BCA8-9B76B6C3D28B}.xps
c:\windows\SysWow64\ijl11.dll
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2012-08-27 to 2012-09-27 ))))))))))))))))))))))))))))
.
.
2012-09-27 02:14 . 2012-09-27 02:14 -------- d-----w- c:\users\Graciele\AppData\Local\temp
2012-09-27 02:14 . 2012-09-27 02:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-27 02:14 . 2012-09-27 02:14 -------- d-----w- c:\users\Win!!!\AppData\Local\temp
2012-09-27 01:17 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-15 16:45 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-15 16:45 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-15 16:45 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-15 16:45 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-15 16:45 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-15 16:45 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-15 16:45 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-15 16:09 . 2012-09-15 16:09 -------- d-----w- c:\program files (x86)\ADPHONE3
2012-09-09 17:05 . 2012-09-22 00:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-09 17:05 . 2012-09-07 20:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-15 16:46 . 2011-01-05 01:10 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-04 02:19 . 2012-04-01 05:08 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-04 02:19 . 2011-05-16 19:22 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-28 23:24 . 2012-07-07 06:02 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-08-28 23:24 . 2011-01-08 19:24 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-18 18:15 . 2012-08-18 15:24 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-06 02:17 . 2012-08-15 02:45 37536 ----a-w- c:\windows\system32\drivers\NISx64\1308000.00E\srtspx64.sys
2012-07-06 02:17 . 2012-08-15 02:45 737952 ----a-w- c:\windows\system32\drivers\NISx64\1308000.00E\srtsp64.sys
2012-07-04 22:16 . 2012-08-18 15:23 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-07-04 22:13 . 2012-08-18 15:23 59392 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 22:13 . 2012-08-18 15:23 136704 ----a-w- c:\windows\system32\browser.dll
2012-07-04 21:14 . 2012-08-18 15:23 41984 ----a-w- c:\windows\SysWow64\browcli.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-18 911160]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"qubnfe"="c:\program files (x86)\qubnfe\qubnfe.exe" [2012-05-01 1200440]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"VRS"="c:\program files (x86)\NCH Software\VRS\vrs.exe" [2012-09-15 1324036]
.
c:\users\Win!!!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 245120]
.
c:\users\Robson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Conexão de Banda Larga - Atalho.lnk - [N/A]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 245120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-04 250568]
R3 ALSysIO;ALSysIO;c:\users\Robson\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AxonService;Axon Virtual PBX;c:\program files (x86)\NCH Software\Axon\axon.exe [2012-09-15 1287684]
R3 IMSService;IMS Telephone On-Hold Player;c:\program files (x86)\NCH Swift Sound\IMS\ims.exe [2012-09-15 1138692]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2011-06-14 343856]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-04-09 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-04-09 13280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-05 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS [2012-03-28 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [2012-08-31 1385120]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys [2012-06-07 167072]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-08 254528]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20120925.001\IDSvia64.sys [2012-09-01 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS [2012-04-18 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS [2012-04-18 405624]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe [2012-06-16 138272]
S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-01-17 301720]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2010-05-21 80944]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-05-21 539184]
S2 VRSService;VRS Recording System;c:\program files (x86)\NCH Software\VRS\vrs.exe [2012-09-15 1324036]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2008-11-12 57344]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-10-10 1924096]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
S3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 stdriver;Sound tap driver Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver64.sys [2011-02-03 56408]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2012-09-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 02:19]
.
2012-09-27 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2012-08-18 16:48]
.
2012-08-26 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job
- c:\program files\HP\HP Photosmart Plus B210 series\Bin\hpwebreg.exe [2010-11-16 23:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 363544]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-10-26 1702400]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com.br/
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchURL,(Default) = hxxp://www.oquefazernainternet.com/q/%s
mCustomizeSearch = hxxp://www.oquefazernainternet.com/
mSearchAssistant = hxxp://www.oquefazernainternet.com/
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Enviar para o OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{56E2A55A-2D9B-4899-9B21-BF59E587BA85}: NameServer = 200.204.0.10 200.204.0.138
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-{99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run- - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\diMaster.dll\" /prefetch:1"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-3768386665-1314383183-1947410892-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-3768386665-1314383183-1947410892-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-3768386665-1314383183-1947410892-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-3768386665-1314383183-1947410892-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2012-09-26 23:18:10
ComboFix-quarantined-files.txt 2012-09-27 02:18
.
Pré-execução: 337.797.246.976 bytes disponíveis
Pós execução: 339.110.223.872 bytes disponíveis
.
- - End Of File - - A8C30A1E292719026ABB022DDC4B53FD
Wings
Cyber Highlander
Registrado
20.3K Mensagens
1.2K Curtidas
Olá Robson ls
O PC está limpo.
Renomei o Combofix para Uninstall
*Execute-o, aguarde a mensagem ComboFix foi desinstalado e clique [OK]
*Delete o arquivo C:\Combofix.txt
Um abraço.
Robson ls
Membro Senior
Registrado
236 Mensagens
13 Curtidas
Olá Robson ls
O PC está limpo.
Renomei o Combofix para Uninstall
*Execute-o, aguarde a mensagem ComboFix foi desinstalado e clique [OK]
*Delete o arquivo C:\Combofix.txt
Um abraço.
Obrigado Wings.
Meu Internet Explorer fica exibindo a caixa de mensagem "você esta prestes a sair de uma conexão segura com a internet" depois que usei o Combo Fix. Isso é normal?
Depois que eu desinstalar o Combo Fix ele volta ao normal? Tem algum problema em eu ter usado a internet sem ter desinstalado o Combo Fix?
Wings
Cyber Highlander
Registrado
20.3K Mensagens
1.2K Curtidas
Não há problema.
Caso a mensagem apareça novamente, basta selecionar a opção Não mostrar este aviso no futuro e clique [Sim].